PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed to delete articles and place Russian text in the edit summary.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Windows Latest

Exclusive: Microsoft is adding image support to Notepad on Windows 11

Windows Latest has learned that Microsoft is adding image support to Notepad on Windows 11, and sources told us that the feature has “minimal impact” on performance. Microsoft sources also told us ...
The Indian Express

Microsoft fixes Notepad flaw that could allow attackers hijack your Windows PC

Microsoft has rolled out a security update to patch a critical vulnerability in its Notepad app. The development comes just a day after the developer of Notepad++, a popular alternative to Microsoft’s ...
TechRadar

Microsoft patches concerning Windows 11 Notepad security flaw - Markdown issues could have let hackers slip in malware without warning

Microsoft patches Windows 11 Notepad RCE flaw CVE-2026-20841 Vulnerability exploited Markdown links to execute malicious code with user permissions Patch Tuesday update fixes issue; versions 11.2510 ...
pcguide

Microsoft confirms worrying Remote Code Execution security flaw in Notepad and is rolling out a fix

When it comes to cybersecurity, Remote Code Execution is just about as bad as it gets, and that’s exactly what Microsoft has confirmed is affecting its Notepad app on Windows 11. The tech giant points ...
Bleeping Computer

Windows 11 Notepad flaw let files execute silently via Markdown links

However, with the release of Windows 11, Microsoft decided to discontinue WordPad and remove it from Windows. Instead, Microsoft rewrote Notepad to modernize it so it could act as both a simple text ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
theregister

Notepad's new Markdown powers served with a side of remote code execution

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE). Tracked as CVE-2026-20841 (8.8), the ...
PC Gamer

Thanks to Microsoft adding all those extra features to Notepad, it now unfortunately sports one more: An exploitation vulnerability with a high security rating

At least it's easy enough to avoid, until Notepad gets patched to fix the problem. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
cybernews

Critical Notepad vulnerability reignites criticism of Microsoft’s forced AI features

The Windows 11 Notepad app, recently upgraded with AI features, now carries a high-severity flaw that exposes users to dangerous attacks. Hackers can simply send boobytrapped text files and remotely ...